Hyperion

Release 1.8 is a second midPoint release code-named Hyperion.

This version of midPoint is a step towards a production-ready product. Major refactoring that was required due to the OpenIDM heritage is now finished. The code is in a good shape and the system is maintainable. New features are focused on troubleshooting and diagnostics. The error reporting and logging are substantially enhanced. Lot of effort was invested in testing. The code is of "pre-release" quality and it is not intended for direct production use. It may be used to evaluate the technology and provide feedback.

Released on: Aug 8th 2011

Features

midPoint 1.8 provides following features:

Basic provisioning (create, read, update, delete)

Support for expressions to determine account attributes

Integration of Identity Connector Framework (ICF)

Introduction of Unified Connector Framework (UCF)

Identity repository based on BaseX XML database

Live synchronization functionality

Support for XPath version 2 expressions

Enhanced logging and error reporting

Initial version of task manager component

Lightweight structure

Support for Apache Tomcat web container

Changes

When compared to the previous version, Hyperion is introducing following changes:

Provisioning refactoring. The legacy OpenIDMv1 provisioning code was dropped and re-created using a cleaner code structure.

New Unified Connector Framework (UCF) interface was introduced. This partially works around known problems of ICF. It is also a first step in ICF evolution.

Background

midPoint is roughly based on OpenIDM version 1. When compared to OpenIDM v1, midPoint code was made significantly "lighter", removing some of the "dead meat" that accumulated over the year of hectic OpenIDM development. The code was also stabilized, the tests were fixed and the complete development process was brought back to a reasonable shape. The most significant changes are with regard to OpenIDM trunk in early 2010:

Removed OpenESB: OpenESB is a dead project and the hope of reviving it is very low. OpenESB was slowing down OpenIDM development from the very beginning. This does not mean that midPoint cannot be used in "ESB" environment. Just the approach was changed to decouple these technologies. midPoint is provided in a for of simple Java web application (WAR) based on Spring.

Removed Glassfish dependency: midPoint is no longer dependent on a specific application server. The primary development and testing platform is now Apache Tomcat.

Simplified build: The build system was completely revamped. The new build system is much simpler and based on a "pure" maven without any hacks.

Fixing unit tests: The unit tests were reviewed, deprecated unit tests were removed and the tests that are still needed were fixed. The tests would deserve better cleanup, but they are all passing now. And that's how it shall remain from this point on.

Architecture update: New wiki was created with an up-to-date information on current midPoint implementation and also the design. The UML models were updated as well, removing unnecessary components exactly as it happened in the code.

Refactoring of vital components: IDM Model, provisioning and repository were significantly refactored for a better code structure and improved readability.

Known Issues

There is a JAXB issue that is causing problems if a content of an QName is not well qualified, e.g. if it does not have a proper namespace prefix. The sympotoms are that midPoint seems to think that a part of an object is not there although it is there. E.g. the problem may appear as following log message:Account construction in user template (OID:c0c010c0-d34d-b33f-f00d-777111111111) must have resource or resourceRef defined.
The solution is to double-check that all QNames are valid. In this case the problem was caused by this:<i:resourceRef oid="c0c010c0-d34d-b33f-f00d-333111111112" type="ResourceType"/>
which should correctly be defined with an "i" prefix as:<i:resourceRef oid="c0c010c0-d34d-b33f-f00d-333111111112" type="i:ResourceType"/>
The problem was reported to the JAXB team (JAXB-833) but it was not yet resolved.

Password policy is not implemented. The password policy that was supposed to be part of OpenIDM version 1.8 is NOT fully supported in midPoint. The password management functionality is partially implemented, but not finished and not tested well enough for the release. It was moved out to a next release.

Password reset is not implemented

The Active Directory connector is not tested.

Connector hosts are not supported.

BaseX server won't start more than one instance above the same directory structure with data. Therefor it is not possible to run midPoint in Tomcat and unit tests simultaneously on the same machine. If Tomcat is already running the tests where repo is required won't be executed.

During building from source codes may some sanity test fail (This behavior was observed on slow build HW). Second run on sanity mostly PASS.